libsaml 2.13.1 → 2.14.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/saml.rb +2 -0
  3. data/lib/saml/bindings/http_redirect.rb +5 -1
  4. data/lib/saml/provider.rb +1 -1
  5. data/lib/saml/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 5359f70cb191c9ed46d66b875efca2c5a456eef1
4
- data.tar.gz: 1c6d0fa41102a3c807c05fdf3d7d21f7b5e6a5ed
3
+ metadata.gz: 68cc374f731a02daa6a0f13462a40dc0fb5187f5
4
+ data.tar.gz: ad65e6af3a361ae5266dfcbf26625433b134f8ae
5
5
  SHA512:
6
- metadata.gz: 8379e0e7114a14b779325201a333226b803135d5ff417ad48e601e47d20f087bdce965a26cf29fab9adb48d81be00f6fe5d3bd86aac74e27c202a4c5306d9823
7
- data.tar.gz: 6bce47311f98cdc0aba1ceaee744e76005c5465ef013a3e9410f72b170d21049ff52c898e5c32810f05d5de930b3258a366fe22a74d8fd7e9c7fedf73c739580
6
+ metadata.gz: b2768e1991f8909d74c673c2819b71194a617a171952c4fbc65ca261e259fe99f4c5bf7832b8f46fe3916fa627b5adbf44904493851bbccaf73c02a34a72dd72
7
+ data.tar.gz: 6af57acd2b87f93cb6621d55a65498585056c890abc5cb1b1a286c267b417d8238a1c0e0e0fa8914be633383509568a5ad549ac5c5ac33c9591f21b028a25424
data/lib/saml.rb CHANGED
@@ -26,6 +26,8 @@ module Saml
26
26
  end
27
27
  class SignatureInvalid < SamlError
28
28
  end
29
+ class SignatureMissing < SamlError
30
+ end
29
31
  class InvalidProvider < SamlError
30
32
  end
31
33
  class UnparseableMessage < SamlError
data/lib/saml/bindings/http_redirect.rb CHANGED
@@ -19,7 +19,11 @@ module Saml
19
19
  redirect_binding = new(request_or_response, options)
20
20
  query_string = URI.parse(http_request.url).query
21
21
 
22
- redirect_binding.verify_signature(query_string) if request_or_response.provider.authn_requests_signed?
22
+ if http_request.params["Signature"].present?
23
+ redirect_binding.verify_signature(query_string)
24
+ else
25
+ raise Saml::Errors::SignatureMissing.new('Signature missing, but provider requires a signature') if request_or_response.provider.authn_requests_signed?
26
+ end
23
27
 
24
28
  request_or_response.actual_destination = http_request.url
25
29
  request_or_response
data/lib/saml/provider.rb CHANGED
@@ -84,7 +84,7 @@ module Saml
84
84
  end
85
85
 
86
86
  def authn_requests_signed?
87
- sp_descriptor.authn_requests_signed
87
+ sp_descriptor(false).try(:authn_requests_signed)
88
88
  end
89
89
 
90
90
  private
data/lib/saml/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Saml
2
- VERSION = "2.13.1"
2
+ VERSION = "2.14.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: libsaml
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.13.1
4
+ version: 2.14.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Benoist Claassen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-11-17 00:00:00.000000000 Z
11
+ date: 2015-11-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport